true]); // Config define('AUTH_USER', 'yacine'); define('AUTH_PASS_HASH', password_hash('Weval@2026', PASSWORD_BCRYPT)); // Change ce hash define('AUTH_COOKIE_NAME', 'weval_session'); define('AUTH_COOKIE_DAYS', 30); define('AUTH_SECRET', 'W3v4l_Auth_S1mpl3_2026_X9K'); function weval_check_auth() { // 1. Check session if (!empty($_SESSION['weval_authenticated']) && $_SESSION['weval_authenticated'] === true) { return true; } // 2. Check remember cookie if (!empty($_COOKIE[AUTH_COOKIE_NAME])) { $data = json_decode(base64_decode($_COOKIE[AUTH_COOKIE_NAME]), true); if ($data && isset($data['user'], $data['sig'], $data['exp'])) { if ($data['exp'] > time()) { $expected_sig = hash_hmac('sha256', $data['user'] . $data['exp'], AUTH_SECRET); if (hash_equals($expected_sig, $data['sig'])) { $_SESSION['weval_authenticated'] = true; $_SESSION['weval_user'] = $data['user']; return true; } } } } return false; } function weval_login($user, $pass) { if ($user === AUTH_USER && password_verify($pass, AUTH_PASS_HASH)) { $_SESSION['weval_authenticated'] = true; $_SESSION['weval_user'] = $user; // Set remember cookie $exp = time() + (AUTH_COOKIE_DAYS * 86400); $sig = hash_hmac('sha256', $user . $exp, AUTH_SECRET); $cookie_data = base64_encode(json_encode(['user' => $user, 'sig' => $sig, 'exp' => $exp])); setcookie(AUTH_COOKIE_NAME, $cookie_data, $exp, '/', '', true, true); return true; } return false; } function weval_logout() { $_SESSION = []; session_destroy(); setcookie(AUTH_COOKIE_NAME, '', time() - 3600, '/', '', true, true); } function weval_require_auth() { if (!weval_check_auth()) { $return_url = $_SERVER['REQUEST_URI']; header('Location: /login?r=' . urlencode($return_url)); exit; } }